ICT security in enterprises, 2010

EUROPEAN-COMMISSION-EUROSTAT - European Commission Eurostat

Découvre YouScribe en t'inscrivant gratuitement

Je m'inscris

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

12 pages

English

Obtenez un accès à la bibliothèque pour le consulter en ligne
En savoir plus

A propos
Informations
Extrait

Description

Industry, trade and services
Information policy
Business organisation and management
Target audience: Specialised/Technical

Informations

Publié par	EUROPEAN-COMMISSION-EUROSTAT
Nombre de lectures	10
Langue	English

Extrait

Industry, trade and services Konstantinos GIANNAKOURIS, Maria SMIHILY

S t a t i s t i c s i n f o c u s 7/2011

ICT security in enterprises, 2010 The 2010 Community survey questionnaire on The share of large enterprises that had ‘ICT usage and eCommerce in enterprises’ comprised a set of questions specific toa formally defined ICT security policy Information and Communications Technologieswas three times more than the share of (ICT) security. In this context, ICT security small ones. refers to relevant incidents as well as measures, controls and procedures applied by enterprisesThe existence of an ICT security policy in an in order to ensure integrity, confidentiality andenterprise means that the enterprise is aware of the availability of data and ICT systems.importance of its ICT and the related risks. The survey focus was on policies which were actually applied, hence regularly reviewed and accordingly adapted. In January 2010, almost three out of ten Highlights enterprises in the EU27 had a formally defined ICT security policy with a plan for regular review. In January 2010, 27 % of enterprises in the EU27 had a formally definedICT security policywith a Figure 1 shows that the share of large enterprises plan for regular review; the corresponding shares that had a formally defined ICT security policy was in Sweden, Norway and Denmark were over 40 %. three times more than the share of small ones. The highest proportion of enterprises having such a The highest percentage of enterprises with a policy (52 %) in the EU27 was reported within the formally defined ICT security policyaddressing sector Information and communication activities the risksof destruction or corruption of data due to (Figure 2). The lowest proportions — less than one an attack or some other unexpected incident was out of four enterprises — were registered in the reported in Norway (42 %). sectors Transportation and storage, Construction Voluntary training or use of generally available and Accommodation and Food service activities. information was the approach most commonly Figure 1: Enterprises having a formally defined ICT reported by enterprises formaking their staff security policy, by size class, EU27, January 2010 (% awareof their obligations in relation to ICT of enterprises) security. The highest proportions of enterprises which have adopted this approach were registered Large enterprises 65 in Cyprus and Finland with 77 % and 74 % respectively. Medium enterprises 43 In the majority of EU27 Member States,the disclosure of confidential data due to intrusion, Small enterprises 22 pharming or phishing attackswas reported by 1 % or less of enterprises in 2009. In January 2010,the use of strong password authenticationwas the most commonly reported All enterprises 27 procedure used by enterprises for internal ICT security, with the highest share registered in Italy20 30 40 50 60 700 10 (64 %).Medium: 50  249 Large: 250 or moreSmall: 1049 persons employed

Source: Eurostat (online data code :isoc_cisce_ra)